General
Target: 79ada7141250044b596a570f15f1af3bb4742d15e9139e08be2194c819cdb686
Size: 4.0MB
Sample: 221130-t2kpwafh52
MD5: bf032c18dc141d69ed831539d1004ec4
SHA1: fd0522bd0a75d286bbc110eed375e14f910885c1
SHA256: 79ada7141250044b596a570f15f1af3bb4742d15e9139e08be2194c819cdb686
SHA512: b799b0feb3b714adce3934271fb4170d9e4b7bfd360e4952222e140a69b090ca9f48ed1c35b31cea6ffb2ddbaa305974e2b37145ee3fb4b3370a38069c90c424
SSDEEP: 98304:p1rNtsxmYRDNgkAcK0gHhobUVoh9sR0S4JcZ:pQ7n5A8UVeLS4JcZ
Static task
static1
Malware Config
Targets
- Suspicious use of NtCreateUserProcessOtherParentProcess
- Executes dropped EXE
- Modifies Windows Firewall
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.